npm10 vulnerabilities

Known vulnerabilities in the npm10 package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
H OS Command Injection	<10.24.1-150000.1.53.1
M HTTP Request Smuggling	<10.24.1-150000.1.47.1
M HTTP Request Smuggling	<10.24.1-150000.1.47.1
M HTTP Request Smuggling	<10.24.1-150000.1.47.1
H OS Command Injection	<10.24.1-150000.1.47.1
M HTTP Request Smuggling	<10.24.1-150000.1.47.1
M HTTP Request Smuggling	<10.24.1-150000.1.47.1
C Use After Free	<10.24.1-150000.1.47.1
C Use After Free	<10.24.1-150000.1.47.1
L Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<10.24.1-150000.1.44.1
M Information Exposure	<10.24.1-150000.1.44.1
L CVE-2021-44907	<10.24.1-150000.1.44.1
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<10.24.1-150000.1.44.1
H Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<10.24.1-150000.1.44.1
H Inefficient Regular Expression Complexity	<10.24.1-150000.1.44.1
H Directory Traversal	<10.24.1-150000.1.44.1
H Link Following	<10.24.1-150000.1.44.1
M CVE-2021-23343	<10.24.1-150000.1.44.1
L Allocation of Resources Without Limits or Throttling	<10.15.2-1.6.1
H Link Following	<10.16.0-1.9.1
H Allocation of Resources Without Limits or Throttling	<10.16.3-1.12.1
H Allocation of Resources Without Limits or Throttling	<10.16.3-1.12.1
H Allocation of Resources Without Limits or Throttling	<10.16.3-1.12.1
H Allocation of Resources Without Limits or Throttling	<10.16.3-1.12.1
H Allocation of Resources Without Limits or Throttling	<10.16.3-1.12.1
H CVE-2019-9513	<10.16.3-1.12.1
H Resource Exhaustion	<10.16.3-1.12.1
H Allocation of Resources Without Limits or Throttling	<10.16.3-1.12.1
H Improper Privilege Management	<10.18.0-1.15.1
H Directory Traversal	<10.18.0-1.15.1
H Symlink Following	<10.18.0-1.15.1
H CVE-2019-15606	<10.19.0-1.18.1
H HTTP Request Smuggling	<10.19.0-1.18.1
H Improper Certificate Validation	<10.19.0-1.18.1
H Integer Overflow or Wraparound	<10.21.0-1.21.1
C Integer Underflow	<10.21.0-1.21.1
H Improper Enforcement of Message or Data Structure	<10.21.0-1.21.1
H Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<10.21.0-1.21.1
H Buffer Overflow	<10.22.1-1.27.1
M Information Exposure Through Log Files	<10.22.1-1.27.1
M HTTP Request Smuggling	<10.23.1-1.30.1
H Use After Free	<10.23.1-1.30.1
H NULL Pointer Dereference	<10.23.1-1.30.1
M Integer Overflow or Wraparound	<10.24.0-1.33.2
M CVE-2021-22884	<10.24.0-1.33.2
H Missing Release of Resource after Effective Lifetime	<10.24.0-1.33.2
H Improper Certificate Validation	<10.24.1-1.36.1
H NULL Pointer Dereference	<10.24.1-1.36.1
H CVE-2021-27290	<10.24.1-1.36.1
M Inefficient Regular Expression Complexity	<10.24.1-1.36.1
M Out-of-bounds Read	<10.24.1-1.36.1
H Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<10.24.1-1.36.1

Vulnerability

Vulnerable Version

OS Command Injection

<10.24.1-150000.1.53.1

HTTP Request Smuggling

<10.24.1-150000.1.47.1

HTTP Request Smuggling

<10.24.1-150000.1.47.1

HTTP Request Smuggling

<10.24.1-150000.1.47.1

OS Command Injection

<10.24.1-150000.1.47.1